Skip to main content

Documentation Index

Fetch the complete documentation index at: https://mintlify.com/Kr-Yogsa/ECE-BOT/llms.txt

Use this file to discover all available pages before exploring further.

New users register through a three-step flow that verifies email ownership before an account is created. The OTP is valid for 10 minutes and can only be used once. The first account created automatically becomes an admin; all subsequent accounts receive the user role. Operators pre-invited by an admin complete the same flow and are assigned the operator role automatically.

Step 1 — Request a signup OTP

Send the user’s email address to receive a one-time code by email. POST /auth/request-signup-otp

Request body

email
string
required
The email address to register. Must be a valid email format.

Responses

message
string
Confirmation that the OTP was dispatched.Example: "OTP sent to your email."

Error responses

StatusError messageCause
400"Email is required."Missing email field.
400"Please enter a valid email address."Malformed email.
409"User already exists."An active account already exists for this email.
429"OTP already sent. Please wait 1 minute before requesting again."OTP was requested within the last 60 seconds.
A 60-second cooldown is enforced between OTP requests for the same email. If the user requests too soon, respond with the 429 error and prompt them to wait.

Example

curl -X POST https://your-app.onrender.com/auth/request-signup-otp \
  -H "Content-Type: application/json" \
  -d '{"email": "user@example.com"}'

Step 2 — Verify the OTP

Confirm that the user received and can read the code before they set a password. POST /auth/verify-signup-otp

Request body

email
string
required
The email address the OTP was sent to.
otp
string
required
The 6-digit one-time code from the email.

Responses

message
string
Confirmation that verification succeeded and the user may proceed.Example: "OTP verified. You can now create your password."

Error responses

StatusError messageCause
400"Email and OTP are required."One or both fields missing.
400"Please enter a valid email address."Malformed email.
400"Invalid OTP."Code does not match the stored hash.
400"OTP has expired."The 10-minute window has passed.
This step does not consume the OTP. The same code must be submitted again in Step 3 to complete signup.

Example

curl -X POST https://your-app.onrender.com/auth/verify-signup-otp \
  -H "Content-Type: application/json" \
  -d '{"email": "user@example.com", "otp": "123456"}'

Step 3 — Complete signup

Submit all registration details together with the verified OTP to create the account. POST /auth/signup

Request body

name
string
required
The user’s display name.
email
string
required
The email address that received the OTP.
password
string
required
The password to set for the new account.
otp
string
required
The 6-digit OTP from the email (same code used in Step 2).

Responses

message
string
Confirmation that the account was created.Example: "Signup successful. Please login."
user
object
The newly created user record.

Error responses

StatusError messageCause
400"Name, email, password, and OTP are required."One or more fields missing.
400"Please enter a valid email address."Malformed email.
400"Invalid OTP."Code does not match.
400"OTP has expired."The 10-minute window has passed.
409"User already exists."Account already exists for this email.

Example

curl -X POST https://your-app.onrender.com/auth/signup \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Jane Smith",
    "email": "user@example.com",
    "password": "securepassword",
    "otp": "123456"
  }'

Full signup flow

1

Request OTP

Call POST /auth/request-signup-otp with the user’s email. The server sends a 6-digit code valid for 10 minutes.
2

Verify OTP

Call POST /auth/verify-signup-otp with the email and the received code. A success response signals that the code is correct and you may show the password field.
3

Create account

Call POST /auth/signup with name, email, password, and the same OTP. The server creates the account, marks the OTP as used, and returns the new user record.
The first account created in a fresh deployment is automatically assigned the admin role. All subsequent accounts receive the user role unless the email matches an operator invite created by an admin.

Build docs developers (and LLMs) love

Get started for freeTalk to us